PCT 

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(51) International Patent Classification 6 : 
G06F 17/60 



(11) International Publication Number: WO 99/03053 

(43) International Publication Date: 21 January 1999 (21 .01 .99) 



(21) International Application Number; PCTVUS98/13585 

(22) International Filing Date: 7 July 1998 (07.07.98) 



(30) Priority Data: 
08/891,529 



10 July 1997 (10.07.97) 



(71) Applicant: EMSEMBLB SOLUTIONS, INC. [US/US]; Suite 

250, 4675 Stevens Creek Boulevard, Santa Clara, CA 95051 
(US). 

(72) Inventors: HORSTMANN, Jens, U.; 3633 Vireo Avenue, 

Santa Clara, CA 95051 (US). SPIES, Frank, M.; Apartment 
127, 1600 Villa Street, Mountain View, CA 94041 (US). 

(74) Agents: OGONOWSKY, Brian, D. et al.; Skjerven, Morrill, 
MacPherson, Franklin & Friel LLP, Suite 700, 25 Metro 
Drive, San Jose, CA 9S110 (US). 



d States: AL, AM, AT, AU, AZ, BA, BB, BG, BR, 
BY. CA, CH, CN, CU, CZ, DE, DK, EE, ES, FI, GB, GB, 
GH, GM, GW, UU, JD, IL, IS, JP, KB, KG, KP, KR, KZ, 
LC, LK, LR, LS, LT, LU, LV, MD. MG, MK, MN, MW, 
MX, NO, NZ, PL, PT, RO, RU, SD, SB. SG, SI. SK, SL, TJ, 
TM, TR, TT, UA, UG, UZ, VN, YXJ, ZW, ARIPO patent 
(GH, GM, KB, LS, MW. SD. SZ, UG, ZW), Eurasian patent 
(AM, AZ, BY, KG, KZ, MD, RU, 17, TM), European patent 
(AT, BE, CH, CY, DE, DK, ES, FL FR, GB, GR, IE, IT, 
LU, MC, NL, PT, SE). OAPI patent (BF, BJ, CF, CG, CI, 
CM, GA, GN, ML, MR, NE, SN, TD, TG). 



With international search report. 

Before the expiration of the time limit for amending the 
claims and to be republished in the event of the receipt of 
amendments. 



(54) Title: AUTOMATED PROCESSING OF BUSINESS ENTITIES DISTRIBUTED OVER A NETWORK 
(57) Abstract 

A method and a system are provided for processing business entities 
over a computer network. The system is not disabled by a disruption of 
communications or by heavy network traffic conditions on the computer 
network. The method and system of the present invention allow for extensive 
business entities and even for automatic 



modification of the functionality of distributed business entities. The method 
initially creates multiple copies of a business entity on a host computer 
connected to the network. One of the copies of the business entity is then 
stored on the host compouter, while the others are transmitted to remote 
computers over the network. When an operation (e.g., making a reservation) 
is performed on a copy of the business entity (regardless of which computer 
the copy of the business entity is stored on), the remaining copies of the 
business entity are automatically updated. Business entities can operate in an 
event-driven fashion (i*., responding to a change in the business attributes 
or the business rules of one or more copies of a business entity). Thus, the 
functionality of all copies of a business entity can be modified by a change of 
a single copy of the business entity. Since business entities may collaborate 
to perform a task, the operation of a business entity may also be driven by 
a change in a copy of a different business entity. Finally, distributed copies 
of a business entity may be further distributed to additional computers. 
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AUTOMATED PROCESSING OF BUSINESS ENTITIES 
DISTRIBUTED OVER A NETWORK 



BACKQBQIMIQEJHEflDgEffllPJi 
Field of the Invention 

10 The present invention is related generally to a computer system and, in 

particular, to a method and apparatus for processing business entities distributed 
over a network. 

Related Art 

15 Current systems for conducting electronic commerce over a computer 

network (e.g., the Internet) typically employ a client-server model for requesting 
and obtaining information using computers connected to the network. For 
example, a travel agency trying to sell vacation packages on the Internet typically 
maintains a web page that provides information about the services offered to 

20 customers by the agency. The web page may include one or more links to other 
web pages. For example, links to web pages maintained by individual travel 
service providers (e.g., airlines, hotels and car rental companies) are typically 
included in travel agencies' web pages. Customers of the travel agency can thus 
book vacation packages either through the agency's web page or by following links 

25 to individual airlines, hotels and car rental companies' web pages. 

In addition, some prior art electronic commerce systems use distributed 
objects, in addition to web pages, to provide more extended functionality on the 
client side. One such system [hereinafter the "ClubMed system"] is described on 
pages 541-607 of "Client Server Programming with JAVA™ and CORBA" by 
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Robert Orfali and Dan Harkey (John Wiley and Sons : New York, NY, 1997). The 
structure of the ClubMed system is shown in Fig. 1 . 

In Fig. 1, several clients 100 communicate with a server 110 via a network 
120. Objects are distributed between the server 110 and the clients 100 via 
5 CORBA/IIOP modules 140. Information extracted from database 130 is organized 
in several objects 150 stored on server 110. The objects 150, in turn, are 
distributed to clients 100 via CORBA/IIOP modules 140 over the network 120. 
Finally, applets 160 are executed by clients 100 to display the information of 
objects 150. 

1 0 A user of client 1 00 can access a ClubMed web page from server 1 10, 

check on prices and availability of resorts during different seasons and make or 
cancel reservations, directly from client 100. While the ClubMed system 
represents an improvement over the simple web page reservation system described 
above, the ClubMed system still employs a client-server model. For example, 

1 5 when the user of client 1 00 requests a reservation, the request is sent to server 1 1 0 
which processes the request and returns a confirmation number back to the client 
100 and the user. Thus, if either the network connection between client 100 and 
server 1 10 is disrupted or server 110 is unavailable, the ClubMed system is 
disabled. Furthermore, during periods of heavy network traffic on network 120, 

20 the user of client 100 may experience lengthy time delays in making or canceling 
the reservation. 

As a result, there is a need for a method and a system to process business 
entities over a network that is not disabled by the interruption of a network 
connection between computers connected to the network and whose performance is 
25 not disrupted by periods of heavy network traffic over the network. 

SUMMAJDLOJJfflMNYEmQM 

Accordingly, a method and a system are provided for processing business 
entities over a computer network. The system is not disabled by a disruption of 
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communications over the computer network and the system's performance is not 
significantly affected by heavy network traffic conditions on the computer 
network. The method and system of the present invention allow for extensive 
collaboration among distributed business entities and even for automatic 

5 modification of the functionality of distributed business entities. 

The method initially creates multiple copies of a business entity on a host 
computer connected to the network. One of the copies of the business entity is 
then stored on the host computer, while the others are transmitted to remote 
computers over the network. When an operation (e.g., making a reservation) is 

1 0 performed on a copy of the business entity (regardless of which computer the copy 
of the business entity is stored on), the remaining copies of the business entity are 
automatically updated. Since business entities have both business attributes and 
business rules, the functionality of all copies of the business entity can be altered as 
a result of an operation performed on a single copy of the business entity. 

1 5 The system is not disabled by a disruption of communications over the 

computer network (or by heavy traffic conditions on the computer network) after 
the copies of the business entity have been distributed, since each copy of the 
business entity can be operated upon independently. The remaining copies of the 
business entity can then be updated to maintain consistency when the network 

20 connection is reestablished. As a result, a user of the system does not have to wait 
for a response from a server before completing the operation, as required by prior 
art systems. 

Furthermore, business entities can operate in an event-driven fashion (i.e., 
responding to a change in the business attributes or the business rules of one or 
25 more copies of a business entity). Thus, the functionality of all copies of a 

business entity can be modified by a change in the business attributes of a single 
copy of the business entity. Since business entities may collaborate to perform a 
task, the operation of a business entity may also be driven by a change in a copy of 
a different business entity. 
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Finally, distributed copies of a business entity may be further distributed to 
additional computers. 



BRIEF DESCRIPTIQNjQOI30£J3EAMtjQ 
5 Fig. 1 illustrates a prior art electronic commerce system using distributed 

objects. 

Fig. 2 illustrates a business entity processing system according to one 
embodiment of the present invention. 

Fig. 3 is a diagram of the business entity classes of a travel reservation 
10 system, according to one embodiment of the invention. 

Fig. 4A illustrates a copy of business entity A on computer 210 of Fig. 2. 

Fig. 4B illustrates a copy of business entity A on computer 240 of Fig. 2. 

Fig. 5 is a flow diagram of an automated update of business entities 
operation, according to one embodiment of the invention. 
15 Fig. 6 is a flow diagram of a data caching operation, according to one 

embodiment of the invention. 

Fig. 7 is a block diagram of a computer system according to one 
embodiment of the invention. 

Fig. 8A is a block diagram of a security system, according to one 
20 embodiment of the invention. 

Fig. 8B shows a firewall, according to one embodiment of the invention. 

DETAILED DESCRIPTION OF THE INVENTION 

A system for automated processing of business entities, according to one 
25 embodiment of the invention, is shown in Fig. 2. The system has several 

computers 21 0, 220, 230, 240 and 250 connected to a computer network 200. Each 
of computers 210, 220, 230, 240 and 250 has an adapter (not shown in the 
drawing) that allows the computer to process business entities distributed to other 
computers over the network. The adapter is implemented as a computer program 



WO 99/03053 



PCT/US98/13585 



that handles transfers of business entities among computers connected to the 
network, as well as providing additional services such as data caching and 
automated synchronization of business entities. Data caching is a process by which 
portions of data stored on a host computer connected to a network are transmitted 
5 to and stored on a remote computer to allow faster access to the data by the remote 
computer. Automated synchronization is a process by which portions of the data 
stored on more than one computer connected to the network (e.g., for data caching 
purposes) are updated to ensure data consistency across different computers. As 
those skilled in the art are familiar with these processes, they are not further 

10 described herein. 

In addition, computers 210, 220 and 230 have databases, 215, 225 and 235. 
Legacy gateways 217, 227 and 237 are used to interface between computers 210, 
220 and 230 and databases 215, 225 and 235. Legacy gateways 217, 227 and 237 
translate data formatted for processing by legacy applications to and from a format 

15 used in processing business entities. Computers 210, 220 and 230 have copies of 
business entities A, B and C, respectively. Copies of business entities A, B and C 
can be transferred between computers 210, 220, 230, 240 and 250 via computer 
network 200. Thus data stored in databases 215, 225 and 235 can be converted 
into copies of business entities A, B and C and transferred between computers 

20 connected to the network. Copies of business entities A, B and C can then be 
processed independently on each of the computers to which they are transferred. 
Once a copy of a business entity is modified on one of the computers, the 
other copies of the business entity are automatically updated to ensure data 
consistency. However, unlike in prior art systems where data was updated 

25 synchronously as part of the operation modifying the data, the embodiments of the 
invention allow for updates to be performed asynchronously, after the operation 
modifying the business entity is completed. As a result, the functioning of a 
system according to an embodiment of the invention is not interrupted by a 
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disruption of communications over the network nor is it significantly impacted by 
heavy traffic conditions over the network. 

This is accomplished by incorporating both business attributes and business 
rules into business entities so that business entities transmitted from a host 
5 computer to a remote computer over the network are able to perform on the remote 
computer any operations which could be performed on the host computer without 
the need for further communications with the host computer. For example, the 
ClubMed system used in describing the prior art can be implemented using an 
automated business processing system, according to an embodiment of the 

10 invention, in the following manner. First, a number of business entities are created 
to model a reservation system of a vacation resort. Each business entity includes 
both business attributes and business rules. Business attributes are data structures 
for storing information concerning the item represented by the business attribute. 
A data structure is a set of data elements (variables, pointers, data fields, links, 

1 5 images, etc.) having a relationship defined by the data structure. Examples of data 
structures are vector arrays, constructs, linked lists, records, etc. Business rules are 
operations that can be performed on business attributes. Business rules can be 
either functions (i.e., segments of computer code that can be invoked through an 
API) or rules (i.e., segments of computer code that are automatically invoked when 

20 certain data elements are updated). Finally, business rules are tied to business 
attributes since each business rule is designed to operate on certain business 
attributes. 

According to the object oriented programming paradigm, business entities 
are organized in classes arranged in a hierarchical order, so that common properties 
25 of business entities may be shared among different classes by inheritance. Thus, 
both business attributes (data structures) and business rules (code) can be shared 
via inheritance among business entities. 

Fig. 3 illustrates business entity classes that could be used to implement a 
reservation system similar to the ClubMed example described with respect to prior 
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art systems. Each of the business entity classes of Fig. 3 is represented by a bubble 
containing the name of the business entity class in bold on the top line, followed by 
two columns of text listed side by side under the name. The left column lists the 
business attributes of the business entity class, while the right column lists the 
5 business rules of the business entity. The relative horizontal position of the 

bubbles represents the hierarchical relationship of the business entity classes. For 
example, ReservationEntity class 330 is shown below TravelEntity class 310 and 
above Car class 380 with solid lines connecting their respective bubbles. This 
spatial arrangement indicates that ReservationEntity class 330 is a child of 

10 TravelEntity Class 3 1 0 and a parent of Car class 380. Thus, ReservationEntity 
class 330 inherits all properties of TravelEntity class 310 including all business 
attributes and business rules definitions. Car class 380, in turn, inherits all 
properties of ReservationEntity class 330, including all properties of Travel Entity 
Class 310. Business rules and business attributes of a business entity which are 

1 5 inherited from a different business entity are shown in italics in Fig. 3. 

In Fig. 3, RemoteObject entity class 300 is a class of a distributed object 
system which handles communications over the network, as well as data caching 
and synchronization of distributed objects. In one embodiment, the RemoteObject 
entity class is an object-oriented wrapper around an RPC library. However, while 

20 the RemoteObject entity class is described for clarity, any other distributed object 
system known in the art may be used in place of the RemoteObject entity class and 
the invention is not limited to any specific distributed object system. TravelEntity 
class 310 is a business entity class which defines the core functions of all business 
entity classes of Fig. 3, as the remaining business entity classes of Fig. 3 inherit the 

25 properties of TravelEntity class 3 1 0. TravelEntity class 310 has three business 

attributes: mode, server and id. The id attribute stores a unique identification string 
for each instance of TravelEntity class 310, while the server attribute stores the 
identification string of a server distributed object. The mode field, on the other 
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hand, is used to keep track of the mode of operation of each instance of 
TravelEntity class 310, as shown in Figs. 4 A and 4B. 

In Fig. 4A, mode attribute 400 of business entity A, which is an instance of 
TravelEntity class 310 (Fig. 3), indicates that business entity A operates in client 
5 mode. Alternatively, in Fig. 4B mode attribute 400 of business entity A, which is 
an instance of TravelEntity class 3 10 (Fig. 3), indicates that business entity A 
operates in server mode. Other modes of operations, in addition to server and 
client modes, can also be used. For example, in the travel reservation example of 
Fig. 3, five modes of operation are described in the program of Appendix A: client, 

1 0 server, physical, associate and identifier. Different modes are required since in a 
distributed object environment, multiple copies of a business entity exist on 
different computers connected to the network. Modes regulate the role of each of 
the different copies of the business entity with respect to the other copies of the 
business entity. Initially, a business entity class is instantiated to create a copy of a 

1 5 business entity on a computer to represent a physical object, such as an hotel or a 
car. That copy of the business entity is thus in physical mode. The business entity 
is then distributed by creating a remote copy of the business entity (in associate 
mode) and transmitting the remote copy to a different computer connected to the 
computer network. The copy of the business entity on the host computer switches 

20 from physical mode to server mode to indicate that the business entity has been 
distributed. If the remote copy of the business entity needs to access the host copy 
of the business entity, a connection is established over the computer network and 
the remote copy of the business entity switches from associate mode to client mode 
for the duration of the connection. 

25 While during certain operations one copy of the business entity acts as a 

server and another copy of the business entity acts as a client, each copy of the 
business entity operates in different modes. For example, a copy of a business 
entity may itself generate a new copy of the business entity and distribute the new 
copy over the network. In such case the old copy (remote) of the business entity 
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serves as a server and the new copy (network) serves as a client. Thus, the model 
of communication among copies of a business entity is more properly characterized 
as peer-to-peer rather than as client-server. 

In addition to business attributes, TravelEntity class 310 also has a number 
5 of business rules such as checkO, getServiceldO, getTypeO and getNameO- 
Business rules are also inherited by business entity classes descending from 
TravelEntity class 310. 

ReservationEntity class 330, in turn, provides the functionality common to 
all business entity classes that can be reserved using the travel reservation system. 

10 For example, business rules makeQ and cancdQ are defined in ReservationEntity 
class 330. Other business entity classes which inherit the properties of 
TravelEntity class 310 are Flight 320, Warehouse 340, Hotel 350 and Airline 360. 
Each of these business entity classes defines a set of business attributes and 
business rules needed to provide functionality to the business entity they represent. 

1 5 For example, business attributes for Flight class 320 include flight, origin, 

destination and seats, business attributes for Hotel class 350 include name, chain, 
location and rooms, and business attributes for Airline class 360 include name 
flights, origins and destinations. 

Business entity classes which inherit the properties of ReservationEntity 

20 class 330 include Room class 370, Car class 380 and Seat class 390. Room class 
370 has business attributes name, category and price. Car class 380 has business 
attributes license and category. Seat class 390 has business attributes category, 
price and name. Business rules that provide access to the information contained on 
each business entity (which is an instance of a business entity class) are defined at 

25 various levels of the hierarchy of Fig. 3. 

The business entity classes of Fig. 3 are further described by the computer 
program of Appendix A. In one embodiment, the program of Appendix A is 
executed on a SunWorkstation II or a SparcStation 10 computer, running under the 
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SunOS v.4.1.3 operating system, all available from Sun Microsystems Inc. of 
Mountain View, Calif.. 

Typically, information on various travel services are maintained by 
different travel service providers, each utilizing unique data formats. According to 
5 some embodiments of the invention, information stored on each merchant's 
computer system (for example, in a legacy database) is translated into a set of 
business entities using the adapter, as shown in Fig. 2. The business entities are 
then distributed and processed over the computer network, as shown in Figs. 5 and 
6. 

10 In Fig. 5, multiple copies of the business entities are first created on a host 

computer in stage 510. The host computer can be either the same computer system 
on which the source data resides or a different computer connected to the computer 
on which the source data resides. A copy of the business entity is then stored on 
the host computer in stage 520. As explained with respect to the mode attribute of 

1 5 TravelEntity 3 1 0 (Fig. 3), the copy stored on the host computer represents the 
actual travel service such as a room in an hotel or a rental car. The remaining 
copies of the business entity are then distributed to remote computers over the 
computer network in stage 530. The computer network can be the Internet or any 
other very large area computer network known in the art. However, the invention 

20 is not limited to global or very large area networks, but also includes any computer 
network such as an intranet, a wide area network or a local area network. 

Stage 540 then determines whether the business entity has been deactivated, 
in which case the operation terminates; otherwise the operation proceeds to stage 
550. In stage 550, the copies of the business entities are then processed on either 

25 the host computer or one of the remote computers. The remote computers can 

either process the copies of the business entities directly or translate them back into 
a specific format (e.g., a legacy database), process them in such a format and 
translate them back into business entities format through the adapter. Since each 
copy of a business entity is self-contained, processing of a business entity does not 
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require communication with the host copy of the business entity. For example, if 
business entities representing a block of rooms in an hotel have been distributed to 
a travel agency web site and accessed by a potential customer though a web page 
maintained by the travel agency, the business entities are abie to quote a price and 
5 make or cancel a reservation without the need to contact the central reservation 
system for the hotel chain. Rather, after processing of the copy of the business 
entity is completed, a connection is established with the host computer and the host 
copy of the business entity is updated to ensure data consistency in stage 560. 
Stages 540-560 are then repeated until the business entity is deactivated. This 

1 0 scheme works well if only one copy of a business entity is distributed for each 
travel service available (e.g. for each hotel room). However, in some situations it 
may be desirable to distribute multiple copies of a business entity to increase the 
likelihood of selling the travel service. In these situations, remote copies of the 
business entities still operate independently (and thus no client-server interaction is 

1 5 required to complete a given operation) but are required to update the other (both 
host and remote) copies of the business entity within a time window. The time 
window can be defined in terms of a number of operations, a time period or both. 

In some embodiments, distributed business entities contain references to 
other business entities or to data in formats other than business entities that for 

20 efficiency reasons are not distributed along with the copies of the business entities. 
Processing of business entities under these circumstances is described in Fig. 6. 
First multiple remote copies of a business entity are created on the host computer 
in stage 610. These copies contain references to data that is not distributed as part 
of the business entity, but not copies of the actual data. The host copy of the 

25 business entity is then stored on the host computer in stage 620. The remote copies 
of the business entity are distributed to remote computers over the network in stage 
630. Stage 640 then determines whether a remote copy of a business entity 
contains a reference to data that is required for processing. If the business entity 
does not contain such a reference, the business entity is processed in stage 650 as 
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described in stages 540-550 of Fig. 5. Otherwise, the data is retrieved from the 
host computer over the network in stage 660 and is stored on the remote computer 
in stage 670. 

Furthermore, in some embodiments a distributed business entity can in turn 
5 distribute additional (network) copies of the business entity to other (network) 
computers. For example, in Fig. 2, computer 240 may process business entities A, 
B and C and determine that business entity B needs to be further processed by 
computer 250. The remote copy of business entity B can then generate a network 
copy of business entity B and distribute it to computer 250 over network 200 for 

10 further processing. For example, a business entity representing an hotel room may 
first be distributed to travel agencies over the Internet. However, if after a certain 
period of time the room has not been booked, a copy of the business entity is 
generated and sent to a liquidator agency to be sold at discount prices. If a 
reservation is made either through the travel agency or through the liquidator 

15 agency, the copy of the business entity stored on the host computer is updated as 
described with respect to Fig. 5. When remote copies of a business entity are 
further distributed to network computers the operation of Figs. 5 and 6 take place 
between the remote computer and the network computer, rather than between the 
host computer and the remote computer. 

20 Furthermore, copies of different business entities may interact to perform a 

certain task. For example, using business entities the travel agency web page 
described with respect to the prior art would be able to include all the functionality 
of the web pages maintained by individual travel service providers. In fact, all of 
the functionality of the individual web pages would be available to the travel 

25 agency's computer in the form of business entities. The travel agency's computer 
could therefore display an integrated web page eliminating the need for a user to 
follow any links to additional web pages. 

Fig. 7 illustrates the structure of a computer system in accordance to one 
embodiment of the present invention. In Fig. 7, a number of legacy applications 
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exchange data with business entities through a legacy interface. The business 
entities, in turn, access the lower layers of the system through an adapter including 
a commerce platform and facilities. The adapter and the business entity class 
definitions can be embodied in any computer-readable storage medium, such as a 
5 magnetic, a CD-ROM or a carrier wave transmitted over a computer network. The 
adapter interfaces to other computer systems connected to the network via a series 
of commercially available interfaces such as CORBA, EDI, MIME and 
HTML/JAVA. Under these interfaces, sit various communication protocols such 
as HOP, SMTP and HTTP. The communication protocols, in turn, communicate 

10 with a TCP/IP layer which is to carries out the actual communications between 
computers connected to the network. Thus, business entities can be accessed using 
any of the underlying interfaces. For example, a same business entity can be 
accessed as an HTML web page over the Internet, as a CORBA object over an 
intranet or as a business entity on the computer on which it is stored. 

1 5 The distributed business entity system further provides four levels of 

system security, as shown in Figs. 8A and 8B. In Fig. 8 A, a computer 810 is 
connected over a communication link 830 to a computer 820. Each of computers 
810 and 820 has an adapter (Fig. 7). Four types of security checks can be 
performed on data transmitted back and forth between computers 810 and 820. 

20 First, at the network-level encoding and decoding is performed using an SSL 
library and an RSA key. Second, each computer system performs a second 
authentication of the message based on an RSA key. Third, at the user-level, 
access control lists are used to provide control as to which users can access the 
information transferred over the network. Finally, content-based authentication is 

25 performed on each individual message. 

Fig. 8B shows a firewall implemented using the distributed business entity 
system. A third adapter 840 (either on a separate computer or on either one of 
computers 810 and 820) is inserted between computers 810 and 820. A message 
transmitted from computer 810 and 820 is thus first transferred over link 850 to 
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adapter 840 which performs authentication as described with respect to Fig. 8 A. If 

the message satisfies all security checks performed by adapter 840, the message is 
then forwarded to computer 820 over link 860, otherwise the message is discarded. 
As a result, adapter 840 provides a firewall 870 between computers 810 and 820. 
5 Embodiments described above illustrate but do not limit the invention. In 

particular, the invention is not limited to any particular distributed object system. 
Furthermore, the invention is not limited to any type or number of computers or 
networks. In fact, the invention can be applied to an arbitrary number of 
computers connected to an arbitrary number of networks. Therefore, not all 
1 0 computers need to be connected to the same network. Other embodiments and 

variations are within the scope of the invention, as defined by the following claims. 
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CLAIMS 

We claim: 

1 . A method of processing business entities over a computer network, 
wherein each business entity comprises one or more data structures and one or 

5 more computer instructions for operating on the data structures, the method 
comprising: 

creating a host copy and a remote copy of a business entity on a host 
computer connected to the computer network; 

storing the host copy of the business entity on the host computer; 
1 0 transmitting the remote copy of the business entity to a remote 

computer over the computer network; 

performing an operation on the remote copy of the business entity 
on the remote computer; and 

automatically updating the host copy of the business entity in 
1 5 response to the operation on the remote copy of the business entity. 

2. The method of Claim 1 , further comprising: 

performing an operation on the host copy of the business entity on 
the host computer; and 
20 automatically updating the remote copy of the business entity in 

response to the operation on the host copy of the business entity. 

3. The method of Claim 1 , wherein automatically updating a copy of a 
business entity further comprises: 

25 detecting a disruption of communications between the host and the 

remote computers over the computer network; 

suspending processing of the update until the communications are 
restored; and 
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completing the processing of the update once the communications 
are re-established. 



4. The method of Claim 1 , wherein each business entity further 
5 comprises one or more business attributes, wherein each business attribute includes 
at least one data structure. 



entity further comprises updating one or more business attributes of the business 
10 entity. 

6. The method of Claim 1 , wherein each business entity further 
comprises one or more business rules and each business rule includes at least one 
computer instruction for operating on a data structure. 



7. The method of Claim 6, wherein updating a copy of a business 
entity further comprises updating one or more business rules of the business entity. 

8. The method of Claim 1, wherein creating a copy of a business entity 
20 further comprises creating an instance of a business entity class. 



5. 



The method of Claim 4, wherein updating a copy of a business 



15 



9. The method of Claim 1 , further comprising: 



creating a network copy of the business entity on the remote 
computer connected to the computer network; 



25 



transmitting the network copy of the business entity to a network 
computer over the computer network; 



performing an operation on the network copy of the business entity 
on the network computer; and 
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automatically updating the remote copy of the business entity in 
response to the operation on the network copy of the business entity. 



10. The method of Claim 9, further comprising: 

5 automatically updating the host copy of the business entity in 

response to the operation on the network copy of the business entity. 

1 1 . The method of Claim 9, further comprising: 

performing an operation on the host copy of the business entity on 
10 the host computer, and 

automatically updating the network copy of the business entity in 
response to the operation on the host copy of the business entity. 



12. A method of processing business entities over a computer network, 
1 5 wherein each business entity comprises one or more data structures and one or 
more computer instructions for operating on the data structures, the method 
comprising: 

creating a host copy and a remote copy of a business entity on a host 
computer connected to the computer network; 
20 storing the host copy of the business entity on the host computer; 

transmitting the remote copy of the business entity to a remote 
computer over the computer network; 

determining on the remote computer that the remote copy of the 
business entity contains a reference to data stored on the host computer; 
25 transferring the data from the host computer to the remote computer 

over the computer network; and 

storing the data on the remote computer. 
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13. A system for processing business entities over a computer network, 
wherein each business entity comprises one or more data structures and one or 
more computer instructions for operating on the data structures, the system 
comprising: 
5 a computer network; 

a host computer and a remote computer connected to the computer 
network; 

a host computer program stored on the host computer, and 
a remote computer program stored on the remote computer; 
1 0 wherein the host computer and the remote computer programs 

comprise instructions for: 

creating a host copy and a remote copy of a business entity 
on the host computer; 

storing the host copy of the business entity on the host 
15 computer; 

transmitting the remote copy of the business entity to the 
remote computer over the computer network; 

determining on the remote computer that the remote copy of 
the business entity contains a reference to data stored on the host 
20 computer; 

transferring the data from the host computer to the remote 
computer over the computer network; and 

storing the data on the remote computer. 

25 14. A system for processing business entities over a computer network, 

wherein each business entity comprises one or more data structures and one or 
more computer instructions for operating on the data structures, the system 
comprising: 

a computer network; 
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a host computer and a remote computer connected to the computer 
network; 

a host computer program stored on the host computer, and 
a remote computer program stored on the remote computer; 
wherein the host computer and the remote computer programs 
comprise instructions for: 

creating a host copy and a remote copy of a business entity 
on the host computer, 

storing the host copy of the business entity on the host 
computer; 

transmitting the remote copy of the business entity to the 
remote computer over the computer network; 

performing an operation on the remote copy of the business 
entity on the remote computer; and 

automatically updating the host copy of the business entity 
in response to the operation on the remote copy of the business 
entity. 

1 5 . The system of Claim 1 4, wherein automatically updating the host 
copy of the business entity further comprises: 

detecting a disruption of communications between the host 
computer and the remote computers over the computer network; 

suspending processing of the update until the communications are 
restored; and 

completing the processing of the update once the communications 
are re-established. 

1 6. The system of Claim 1 4, wherein each entity comprises one or more 
business entities and each business entity includes at least one data structure. 
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17. The system of Claim 14, wherein each business entity comprises 
one or more business rules and each business rale comprises at least one computer 
instruction for operating on a data structure. 

1 8. The system of Claim 1 4, wherein the host computer and the remote 
computer programs further comprise instructions for: 

peiforming an operation on the host copy of the business entity on 
the host computer; and 

automatically updating the remote copy of the business entity in 
response to the operation on the host copy of the business entity. 



19. The system of Claim 14, wherein the instructions for creating a 
copy of a business entity further comprise instructions for creating an instance of a 
1 5 business entity. 



20. The system of Claim 1 4, further comprising a network computer 
program stored on a network computer connected to the computer network, 
wherein the remote computer and the network computer programs further comprise 
20 instructions for: 

creating a network copy of the business entity on the remote 
computer; 

transmitting the network copy of the business entity to the network 
computer over the computer network; 
25 performing an operation on the network copy of the business entity 

on the network computer; and 

automatically updating the remote copy of the business entity in 
response to the operation on the network copy of the business entity. 
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2 1 . The system of Claim 20, wherein the network computer program 
further comprises instructions for: 

automatically updating the host copy of the business entity in 
response to the operation on the network copy of the business entity. 

5 

22. A computer-readable storage medium comprising instructions for: 
creating a host copy and a remote copy of a business entity on a host 

computer connected to a computer network; 

storing the host copy of the business entity on the host computer; 
1 0 transmitting the remote copy of the business entity to a remote 

computer over the computer network; 

performing an operation on the remote copy of the business entity 
on the remote computer; and 

automatically updating the host copy of the business entity in 
1 5 response to the operation on the remote copy of the business entity; 

wherein each business entity comprises one or more data structures and one 
or more computer instructions for operating on the data structures. 

23 . The computer-readable storage medium of Claim 22, further 
20 comprising instructions for: 

performing an operation on the host copy of the business entity on 
the host computer; and 

automatically updating the remote copy of the business entity in 
response to the operation on the host copy of the business entity. 

25 

24. The computer-readable storage medium of Claim 22, further 
comprising instructions for creating an instance of a business entity. 
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25 . The computer-readable storage medium of Claim 22, further 
comprising instructions for: 

creating a network copy of the business entity on the remote 
computer; 

5 transmitting the network copy of the business entity to a network 

computer over the computer network; 

performing an operation on the network copy of the business entity 
on the network computer, and 

automatically updating the remote copy of the business entity in 
1 0 response to the operation on the network copy of the business entity. 

26. The computer-readable storage medium of Claim 22, further 
comprising instructions for: 

automatically updating the host copy of the business entity in 
1 5 response to the operation on the network copy of the business entity. 
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